HELLO AND WELCOME! Before you can post your question, you'll have to register -- it's completely free and registered users see less advertising! If you just want to browse through the existing questions, just select the forum that you want to visit from the selection below. Otherwise, click here to register!. We highly recommend that you print a copy of our Guide for New Members. Enjoy!

openswan to fortigate

I have over 150 Openswan ipsec vpn tunnels from various parts of North America all connecting to a Fortigate 310b firewall/routerThe majority of the tunnels come up fine. The problem is that after an hour or so some (not all) of the tunnel drop for some unknown reason.I have created a script on each client that checks to see if the tunnel is up and if it is not, the tunnel is to be reestablished which works fine.The problem is that I am trying to run backup scripts through these tunnels and there up and down which is ruining my backups.I have been fighting this problem for many days and I have spent countless hours searching forum posts to no avail.

Openswan (Centos & Ubuntu) vs. Fortinet (800)

Hi,

I'm relatively new to Linux and I'm struggling with OpenSwan since early last month in Centos 5.3. I'll try to explain my experience because sadly there is very little info from Fortinet.
First I must say that the latest FortiClient 3.0 & 4.0 worked well but I also had frequent disconnections with earlier 3.0 versions, so I would recommend you to use the Windows client as a reference.

With Linux I have had tons of problems but at last I have a working config with version OpenSwan 2.6.16 which I had to compile in CentOS (in Ubuntu the 2.4.x version that comes doesn't work at all).

My configuration looks pretty much like yours, except that I was obliged to use the parameter leftsourceip=MyPublicIPAddress because otherwise I connected but could not access the right private network. This is a problem because, at home I have a Public Dynamic IP that my ISP changes frequently, I would like to solve this issue.
Other issue I had is that OpenSwan doesn't seem to accept the remote networks DNS's so I had to rely on an up/down script or use a local dnsmasq server.
Now I'm planning to make the connection on demand and try to run OpenSwan in OpenWRT on a Wifi router. Any advice?